The invention concerns a process for the authentication, by an offline terminal, of a portable object, as well as the portable object and the terminal permitting the implementation of this process.
Understood by the term offline terminal is a terminal which is capable of authenticating a portable object without being connected to a central computer.
It is known that the delivery of goods and services by electronic means is experiencing an ever increasing growth. Access to the goods and services provided by a network is authorized by terminals connected to portable objects, generally memory cards supplied by an authorized entity. Before granting access to the goods or services, it is necessary that each terminal be able to authenticate the portable object to which it is connected in order to reject any portable object not supplied by the authorized entity.
One known authentication process consists of connecting each terminal to a central authentication server in order to perform an authentication online, the central authentication server being then protected to prohibit any access to intruders seeking authentication for objects not supplied by the authorized entity. Such a procedure is however very inconvenient due to the importance of the communication network which must remain in operation between the terminals and the central authentication server.
To minimize the cost of authentication, the terminals are often offline or stand-alone; a program and data are installed in each terminal permitting it to carry out the authentication.
Two procedures for authentication by an offline terminal are currently known. According to the first procedure, the terminal contains a secret code and makes use of an algorithm implementing this secret code. Terminals are however sometimes placed in locations where it is difficult to provide them with absolute protection against tampering, and the discovery of the secret code by an unauthorized party will give him the possibility of fabricating portable objects which will be authenticated by the other terminals containing the same secret code. It is thus necessary to install inconvenient means for the protection of the secret code.
According to a second known process, the offline terminals contain an accessible code, but it is then necessary to install an encryption algorithm in the portable objects which makes use of modular multiplication, requiring the installation of processing circuits on the portable object which are generally too expensive.
A goal of the present invention is to propose a process able to be implemented by an offline terminal containing nothing secret, and without the need for the execution of modular multiplications by the processing circuit of the portable object.